VDB
CVE-2019-12651
CVE-2019-12651
PUBLISHED
CVSS 7.599999904632568 HIGH
Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to execute commands with elevated privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.
EPSS 22.62% · 96.0th percentile
Risk Scores
CVSS 3.0
7.599999904632568
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
EPSS Score
22.62%
96.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | ios | 16.11.1 |
| cisco | integrated_services_virtual_router_firmware | 16.6.5 |
| cisco | cloud_services_router_1000v_firmware | 17.1.1 |
| Cisco | Cisco IOS XE Software 3.2.11aSG | * |
Exploit Intelligence
Timeline
- Sep 25, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 4, 2023 EPSS Score
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-identd-dos advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iox advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-rawtcp-dos advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ios-gos-auth advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-cat4000-tcp-dos advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-fsdos advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-ftp advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-utd advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-digsig-bypass advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-dos advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-sip-alg advisory
- https://nvd.nist.gov/vuln/detail/CVE-2019-12651 advisory